Date: Sat, 6 Jul 2002 10:29:18 +0100
From: Matthew Seaman <m.seaman@infracaninophile.co.uk>
To: randy@turbowarp.net
Cc: questions@FreeBSD.ORG
Subject: Re: Bind 9.2.1 rndc problems
Message-ID: <20020706092918.GA7912@happy-idiot-talk.infracaninophi>
In-Reply-To: <3011.64.192.42.53.1025896457.squirrel@new.host.name>
References: <3011.64.192.42.53.1025896457.squirrel@new.host.name>

On Fri, Jul 05, 2002 at 02:14:17PM -0500, randy@turbowarp.net wrote:

> For practical purposes it is serving up zones. But rndc is not working.
> It's another daemon in my life that I want control over.
> Which by what I have read is some problem to do with rndc keys or conf
> file, but I will be darned if I can figure it out. I searched the bind
> lists, read the Cricket book and found this to be a fairly common problem
> that, for others, was easily fixed with minor adjustments.

Just use the rndc-confgen program:

    happy-idiot-talk:/:# /usr/local/sbin/rndc-confgen
    # Start of rndc.conf
    key "rndc-key" {
            algorithm hmac-md5;
            secret "9a9sm+tnc77FgG+BIK6H/Q==";
    };

    options {
            default-key "rndc-key";
            default-server 127.0.0.1;
            default-port 953;
    };
    # End of rndc.conf

    # Use with the following in named.conf, adjusting the allow list as needed:
    # key "rndc-key" {
    #       algorithm hmac-md5;
    #       secret "9a9sm+tnc77FgG+BIK6H/Q==";
    # };
    #
    # controls {
    #       inet 127.0.0.1 port 953
    #               allow { 127.0.0.1; } keys { "rndc-key"; };
    # };
    # End of named.conf

By default rndc-confgen(8) sets everything up to give access from the
localhost, but read the man page for details on how to use it to set
things up differently.

> I have tried so many different configurations and modifications of
> files. Which leads me to believe that it may have something to do
> with Freebsd specifics, such as file locations. I have rndc.conf in
> /etc/rndc.conf; named.conf is in /etc/named/named.conf. I don't
> have a separate key file since the key file is in named.conf.

Hmmm... Unless you've overridden the standard ${PREFIX}, the bind9
port expects to find named.conf in /usr/local/etc/named.conf and
rndc.conf in /usr/local/etc/rndc.conf --- if you absolutely must keep
the config files in /etc, then you will have to tell rndc to look
there:

    rndc -c /etc/rndc.conf ...

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.         26 The Paddocks
                                        Savill Way
Tel: +44 1628 476614                    Marlow
Fax: +44 0870 0522645                   Bucks., SL7 1TH UK

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
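
Added example, not part of the original message or of BIND: a small Python check that the key rndc will use (default-key in rndc.conf) has an identical, uncommented key clause in named.conf and is listed in an active controls/inet statement on the same port. The function names, the sample secret and the one-line config strings are constructed for illustration, and the parser assumes the layout rndc-confgen emits (only '#' comments, port written explicitly).

```python
import re

KEY_RE = re.compile(
    r'key\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+"?([\w-]+)"?\s*;\s*secret\s+"([^"]+)"\s*;\s*\}\s*;')
INET_RE = re.compile(
    r'inet\s+(\S+)\s+port\s+(\d+)\s+allow\s*\{[^}]*\}\s*keys\s*\{([^}]*)\}')
OPT_RE = re.compile(r'(default-key|default-server|default-port)\s+"?([^";\s]+)"?\s*;')


def strip_comments(text):
    # Assumption: only '#' comments are handled, which is what rndc-confgen emits.
    return re.sub(r'#[^\n]*', '', text)


def keys_in(text):
    return {name: (alg.lower(), secret) for name, alg, secret in KEY_RE.findall(text)}


def check(rndc_conf, named_conf):
    """Return a list of mismatches between rndc.conf and named.conf (empty = consistent)."""
    rndc, named = strip_comments(rndc_conf), strip_comments(named_conf)
    opts = dict(OPT_RE.findall(rndc))
    problems = []
    key_name = opts.get('default-key')
    client_key = keys_in(rndc).get(key_name)
    server_key = keys_in(named).get(key_name)
    if client_key is None:
        problems.append(f'rndc.conf: default-key "{key_name}" has no key clause')
    if server_key is None:
        problems.append(f'named.conf: no active key clause named "{key_name}"')
    elif client_key and client_key != server_key:
        problems.append(f'key "{key_name}": algorithm or secret differs')
    channels = INET_RE.findall(named)
    if not channels:
        problems.append('named.conf: no active controls/inet statement')
    for addr, port, keylist in channels:
        if key_name not in re.findall(r'"?([\w.-]+)"?\s*;', keylist):
            problems.append(f'controls {addr}: key "{key_name}" not in keys list')
        if port != opts.get('default-port', '953'):
            problems.append(f'controls {addr}: port {port} != rndc default-port')
    return problems


# Constructed sample configs (placeholder secret, not a real key).
KEY = 'key "rndc-key" { algorithm hmac-md5; secret "Y29uc3RydWN0ZWQtc2FtcGxlIQ=="; };\n'
RNDC_CONF = KEY + 'options { default-key "rndc-key"; default-server 127.0.0.1; default-port 953; };\n'
NAMED_CONF = KEY + 'controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; };\n'
# Constructed failure case: named.conf half pasted with rndc-confgen's "# " prefixes left in.
NAMED_CONF_COMMENTED = ''.join('# ' + line + '\n' for line in NAMED_CONF.splitlines())
```

To run it against a real installation, read the two files from wherever they actually live (the message above gives /usr/local/etc for the port, or the path passed to rndc -c) and pass their contents to check().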